Gambling News

Bitcoin Gambling Site Loses $1 Million After Scammer Takes Advantage of Software Flaw

- July 1, 2015 By Oliver Young -

A scammer managed to exploit software flaw and win more than $1m in Bitcoins at the Bitcoin gaming site Primedice.

The popular Bitcoin gambling site Primedice published a statement revealing that the site has lost $1 million in Bitcoins during the last year after a user exploited software flaw. The confession from the site was published online and it includes the whole story of how the house didn’t win the battle against their user named “Hufflepuff.”

When they contacted their user and asked him/her to give the coins back this is what they got for an answer: “Your offer is declined. Your demands are laughable. I’m happy to walk away and leave you be, but if you’re going to take this further, then so will I. I don’t think you want this to go further. I actually enjoy this shit. Your move. Oh, and by the way, there are some pending withdrawals that you need to process.”

The confessional post was published by a principal of the site identified shortly as Stunna. According to the Primedice representative, their new user Hufflepuff quickly became the site’s biggest bettor who wagered up to $8,000 worth of Bitcoin “every second for hours on end.” However, what they have found the most surprising was the fact this new user was constantly beating the house edge of 1%.

Hufflepuff Managed to Withdraw Over 2,400 Bitcoins

The story starts in August, 2014, when players called Nappa and Kane started scoring huge wins in a short period of time and requested a withdrawal.

Even though something was definitely shady, the team couldn’t find any wrong-doing and after delaying the cashout for some time, Primedice decided to pay the winnings to both Nappa and Kane. The delay probably had some effect on the scammer who returned after a few weeks under the username Hufflepuff.

The user continued to win lots of Bitcoins, while the team was trying to find out how was that possible. Before they were able to spot the exploit, Primedice had to process Hufflepuff’s withdrawal requests and payout over 2,400 coins, at the time worth roughly $1 million.

The Scammer Found a Way to Confuse the Server and Get Active Decrypted Seeds

Primedice revealed that Hufflepuff found a way to confuse the system at the Bitcoin site and make him give out decrypted active seeds. The trick was sending more requests than the system could process in a small period of time.

Therefore, the user received valuable information that helped him corroborate the outcomes of the bets he was placing. Therefore, he knew whether he was going to lose or win and wagered accordingly.

Once the team found out the exploit, they tracked Hufflepuff via his bitcointalk forum account and asked for their coins to be returned. As an answer they got a rude message as well as a new user Robbinhood who once again took advantage of the system flaw and won over 2,000 coins.

In the meantime, Primedice has fixed the problem and now functions normally. However, the operator will most definitely remember Hufflepuff and the $1 million it lost for a very long time.